mirror of
https://github.com/OpenXE-org/OpenXE.git
synced 2024-12-27 07:00:29 +01:00
1153 lines
46 KiB
PHP
1153 lines
46 KiB
PHP
<?php
|
|
/*
|
|
**** COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
|
|
*
|
|
* Xentral (c) Xentral ERP Sorftware GmbH, Fuggerstrasse 11, D-86150 Augsburg, * Germany 2019
|
|
*
|
|
* This file is licensed under the Embedded Projects General Public License *Version 3.1.
|
|
*
|
|
* You should have received a copy of this license from your vendor and/or *along with this file; If not, please visit www.wawision.de/Lizenzhinweis
|
|
* to obtain the text of the corresponding license version.
|
|
*
|
|
**** END OF COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
|
|
*/
|
|
?>
|
|
<?php
|
|
use Xentral\Modules\RoleSurvey\SurveyGateway;
|
|
use Xentral\Modules\RoleSurvey\SurveyService;
|
|
|
|
use Xentral\Components\Database\Exception\QueryFailureException;
|
|
|
|
class Benutzer
|
|
{
|
|
function __construct($app, $intern = false)
|
|
{
|
|
$this->app=$app;
|
|
if($intern)return;
|
|
|
|
$this->app->erp->inline['german']['benutzer']['default']['weitereyoutube'][] = array('titel'=>'Zwei-Faktor-Authentifizierung mit mOTP','youtube'=>'QfNbDsEQB9M');
|
|
|
|
$this->app->ActionHandlerInit($this);
|
|
|
|
$this->app->ActionHandler("create","UserCreate");
|
|
$this->app->ActionHandler("delete","UserDelete");
|
|
$this->app->ActionHandler("edit","UserEdit");
|
|
$this->app->ActionHandler("history","UserHistory");
|
|
$this->app->ActionHandler("list","UserList");
|
|
$this->app->ActionHandler("chrights","UserChangeRights");
|
|
$this->app->ActionHandler("download","UserDownload");
|
|
|
|
|
|
$this->app->DefaultActionHandler("list");
|
|
|
|
//$this->Templates = $this->GetTemplates();
|
|
|
|
$this->app->ActionHandlerListen($app);
|
|
}
|
|
|
|
public function Install()
|
|
{
|
|
try {
|
|
/** @var SurveyService $surveyService */
|
|
$surveyService = $this->app->Container->get('SurveyService');
|
|
$surveyService->create('user_create', 'benutzer', 'list', false, false);
|
|
}
|
|
catch (Exception $e) {
|
|
|
|
}
|
|
$this->app->erp->RegisterHook('welcome_surveysave', 'benutzer', 'UserWelcomeSurveySave');
|
|
}
|
|
|
|
/**
|
|
* @param int $surveyId
|
|
* @param int $surveyUserId
|
|
* @param array $resonse
|
|
*/
|
|
public function UserWelcomeSurveySave($surveyId, $surveyUserId, &$response)
|
|
{
|
|
/** @var SurveyGateway $surveyGateway */
|
|
$surveyGateway = $this->app->Container->get('SurveyGateway');
|
|
$survey = $surveyGateway->getById($surveyId);
|
|
if(empty($survey) || $survey['name'] !== 'user_create') {
|
|
return;
|
|
}
|
|
$dataRow = $surveyGateway->getFilledById($surveyUserId);
|
|
$data = json_decode($dataRow['data'], true);
|
|
if(!empty($data['name'])) {
|
|
foreach($data['name'] as $key => $name) {
|
|
if(empty($name)) {
|
|
continue;
|
|
}
|
|
|
|
//@todo Benutzer anlegen
|
|
}
|
|
}
|
|
/** @var SurveyService $surveyService */
|
|
$surveyService = $this->app->Container->get('SurveyService');
|
|
$surveyService->clearUserData($surveyId, $this->app->User->GetID());
|
|
$response['url'] = 'index.php?module=benutzer&action=list';
|
|
}
|
|
|
|
function UserDownload()
|
|
{
|
|
$id = $this->app->Secure->GetGET("id");
|
|
if($id > 0)
|
|
{
|
|
$result = $this->app->DB->SelectArr("SELECT module,action FROM userrights WHERE `user`='$id'");
|
|
|
|
$tmp['bezeichnung']=$this->app->DB->Select("SELECT username FROM `user` WHERE id='$id' LIMIT 1");
|
|
$tmp['beschreibung']=$this->app->DB->Select("SELECT description FROM `user` WHERE id='$id' LIMIT 1");
|
|
$tmp['rechte']=$result;
|
|
|
|
|
|
header('Content-Type: application/json');
|
|
header('Content-disposition: attachment; filename="'.$tmp['bezeichnung'].'.json"');
|
|
echo json_encode($tmp);
|
|
exit;
|
|
}
|
|
}
|
|
|
|
function UserList()
|
|
{
|
|
// $this->app->Tpl->Add(KURZUEBERSCHRIFT,"Benutzer");
|
|
$this->app->erp->MenuEintrag("index.php?module=benutzer&action=list","Übersicht");
|
|
$this->app->erp->MenuEintrag("index.php?module=benutzer&action=history","Historie");
|
|
$this->app->erp->MenuEintrag("index.php?module=benutzer&action=create","Neuen Benutzer anlegen");
|
|
$this->app->erp->MenuEintrag("index.php?module=einstellungen&action=list","Zurück zur Übersicht");
|
|
|
|
$this->app->YUI->TableSearch('USER_TABLE',"userlist");
|
|
$this->app->Tpl->Parse('PAGE', "benutzer_list.tpl");
|
|
|
|
}
|
|
|
|
/**
|
|
* @param int $userId
|
|
*
|
|
* @return bool
|
|
*/
|
|
public function isUserLastAdmin(int $userId): bool
|
|
{
|
|
return $this->isUserAdmin($userId) &&
|
|
(int)$this->app->DB->Select(
|
|
"SELECT COUNT(`id`) FROM `user` WHERE `type` = 'admin' AND `activ` = 1 AND `id` <> {$userId}"
|
|
) === 0;
|
|
}
|
|
|
|
public function isUserAdmin(int $userId): bool
|
|
{
|
|
return $this->app->DB->Select("SELECT COUNT(`id`) FROM `user` WHERE `type` = 'admin' AND `id` = {$userId}") > 0;
|
|
}
|
|
|
|
public function UserDelete(): void
|
|
{
|
|
$id = (int)$this->app->Secure->GetGET('id');
|
|
$isOwnAccount = $id === (int)$this->app->User->GetId();
|
|
if($isOwnAccount) {
|
|
$this->app->Tpl->Set('MESSAGE', "<div class=\"error\">{|Du kannst deinen eigenen Account nicht löschen.|}</div>");
|
|
} else{
|
|
$username = $this->app->DB->Select("SELECT `username` FROM `user` WHERE `id` = '{$id}'");
|
|
if(!$this->isUserLastAdmin($id)){
|
|
$this->app->DB->Delete("DELETE FROM `user` WHERE `id` = '{$id}'");
|
|
$this->app->Tpl->Set('MESSAGE', "<div class=\"error\">Der Benutzer \"$username\" wurde gelöscht.</div>");
|
|
}else{
|
|
$this->app->Tpl->Set('MESSAGE', "<div class=\"error\">Der einzige aktive Admin \"$username\" kann nicht gelöscht werden.</div>");
|
|
}
|
|
}
|
|
|
|
$this->UserList();
|
|
}
|
|
|
|
|
|
function UserCreate()
|
|
{
|
|
// $this->app->Tpl->Add(KURZUEBERSCHRIFT,"Benutzer");
|
|
$this->app->erp->MenuEintrag("index.php?module=benutzer&action=list","Zurück zur Übersicht");
|
|
|
|
$input = $this->GetInput();
|
|
$submit = $this->app->Secure->GetPOST('submituser');
|
|
|
|
$error = '';
|
|
$maxlightuser = 0;
|
|
|
|
if($submit!='') {
|
|
|
|
|
|
if($input['username']=='' && $this->app->Secure->GetPOST('hwtoken') != 4) $error .= 'Geben Sie bitte einen Benutzernamen ein.<br>';
|
|
if($input['password']=='' && $this->app->Secure->GetPOST('hwtoken') != 4 && $this->app->Secure->GetPOST('hwtoken') != 5) $error .= 'Geben Sie bitte ein Passwort ein.<br>';
|
|
if($input['repassword']=='' && $this->app->Secure->GetPOST('hwtoken') != 4 && $this->app->Secure->GetPOST('hwtoken') != 5 ) $error .= 'Wiederholen Sie bitte Ihr Passwort.<br>';
|
|
if($input['password'] != $input['repassword']) $error .= 'Die eingegebenen Passwörter stimmen nicht überein.<br>';
|
|
if($this->app->DB->Select("SELECT '1' FROM `user` WHERE username='{$input['username']}' LIMIT 1")=='1')
|
|
$error .= "Es existiert bereits ein Benutzer mit diesem Namen";
|
|
|
|
$input['adresse'] = $this->app->erp->ReplaceAdresse($input['adresse'],$input['adresse'],1);
|
|
$input['projekt'] = $this->app->erp->ReplaceProjekt($input['projekt'],$input['projekt'],1);
|
|
|
|
if($input['adresse'] <=0)
|
|
$error .= 'Geben Sie bitte eine gültige Adresse aus den Stammdaten an.<br>';
|
|
|
|
if($error!=='')
|
|
$this->app->Tpl->Set('MESSAGE', "<div class=\"error\">$error</div>");
|
|
else {
|
|
if($input['hwtoken'] == 4 && $input['type'] == 'admin')
|
|
{
|
|
$input['type'] = 'standard';
|
|
$input['startseite'] = 'index.php?module=stechuhr&action=list';
|
|
}
|
|
$input['passwordunenescaped'] = $_POST['password'];
|
|
$id = $this->app->erp->CreateBenutzer($input);
|
|
|
|
//$this->app->Tpl->Set('MESSAGE', "<div class=\"success\">Der Benutzer wurde erfolgreich angelegt</div>");
|
|
$msg = $this->app->erp->base64_url_encode("<div class=\"success\">Der Benutzer wurde erfolgreich angelegt.</div>");
|
|
header("Location: index.php?module=benutzer&action=edit&id=$id&msg=$msg");
|
|
exit;
|
|
}
|
|
}
|
|
|
|
$this->SetInput($input);
|
|
|
|
|
|
$this->app->YUI->ColorPicker('defaultcolor');
|
|
|
|
$this->app->Tpl->Set('ACTIVCHECKED',"checked");
|
|
$this->app->Tpl->Set('VORRECHTE',"<!--");
|
|
$this->app->Tpl->Set('NACHRECHTE',"-->");
|
|
$extra = '
|
|
if($(\'#hwtoken\').val() == \'4\' || $(\'#hwtoken\').val() == \'5\')
|
|
{
|
|
message = \'\';
|
|
}
|
|
';
|
|
$this->app->YUI->PasswordCheck('password', 'repassword', 'username', 'submit', $extra);
|
|
$this->app->Tpl->Parse('PAGE', "benutzer_create.tpl");
|
|
}
|
|
|
|
function UserHistory(){
|
|
$id = $this->app->Secure->GetGET('id');
|
|
$this->app->erp->MenuEintrag("index.php?module=benutzer&action=list","Übersicht");
|
|
$this->app->erp->MenuEintrag("index.php?module=benutzer&action=history","History");
|
|
|
|
$this->app->YUI->TableSearch('USER_TABLE',"permissionhistory");
|
|
$this->app->Tpl->Parse('PAGE', "benutzer_list.tpl");
|
|
}
|
|
|
|
function UserEdit()
|
|
{
|
|
$id = $this->app->Secure->GetGET('id');
|
|
$this->app->Tpl->Set('ID', $id);
|
|
$defaultcolor = $this->app->Secure->GetPOST('defaultcolor');
|
|
if($defaultcolor === 'transparent') $defaultcolor = '';
|
|
|
|
// convert value to user DB
|
|
if($this->app->User->GetParameter('welcome_defaultcolor_fuer_kalender')!=''){
|
|
|
|
$this->app->DB->Update("UPDATE user SET defaultcolor='$defaultcolor' WHERE id='".$this->app->User->GetID()."' LIMIT 1");
|
|
$this->app->User->SetParameter('welcome_defaultcolor_fuer_kalender',"");
|
|
}
|
|
|
|
|
|
if($this->app->Secure->GetGET('cmd') == 'qrruecksetzen' && $id)
|
|
{
|
|
$this->app->DB->Update("UPDATE `user` set stechuhrdevice = '' WHERE id = '$id' LIMIT 1");
|
|
echo json_encode(array('status'=>1));
|
|
exit;
|
|
}
|
|
|
|
if($this->app->Secure->GetGET('cmd') == 'getrfid' && $id)
|
|
{
|
|
$rfid = '';
|
|
$swhere = '';
|
|
$seriennummer = $this->app->Secure->GetPOST('seriennummer');
|
|
if($seriennummer != '')$swhere = " AND seriennummer = '$seriennummer' ";
|
|
$deviceiddest = $this->app->DB->Select("SELECT seriennummer FROM adapterbox WHERE verwendenals = 'metratecrfid' $swhere LIMIT 1");
|
|
if($deviceiddest)
|
|
{
|
|
$rfid = trim($this->app->erp->GetAdapterboxAPIRFID($deviceiddest));
|
|
if($rfid == 'no answer from device (not timeout)')$rfid = '';
|
|
if($rfid)
|
|
{
|
|
$rfida = explode(';',$rfid);
|
|
if(!empty($rfida[1]))$rfid = $rfida[1];
|
|
}
|
|
if($this->app->DB->Select("SELECT id FROM `user` WHERE rfidtag = '".$this->app->DB->real_escape_string($rfid)."' AND id <> '$id' LIMIT 1"))$rfid = '';
|
|
}
|
|
if($rfid == "0")$rfid = '';
|
|
echo json_encode(array('rfid'=>$rfid));
|
|
exit;
|
|
}
|
|
$jsonvorlage = $_FILES['jsonvorlage']['tmp_name'];
|
|
if($jsonvorlage!="")
|
|
{
|
|
$content = file_get_contents($jsonvorlage);
|
|
$tmp = json_decode($content);
|
|
$neuerechte=0;
|
|
|
|
$anzahl = count($tmp->{'rechte'});
|
|
for($i=0;$i<=$anzahl;$i++)
|
|
{
|
|
//echo " $i M ".$tmp->{'rechte'}[$i]->{'module'}." A ".$tmp->{'rechte'}[$i]->{'action'};
|
|
$tmpmodule = $this->app->DB->real_escape_string($tmp->{'rechte'}[$i]->{'module'});
|
|
$tmpaction = $this->app->DB->real_escape_string($tmp->{'rechte'}[$i]->{'action'});
|
|
|
|
if($tmpmodule!="" && $tmpaction!="")
|
|
{
|
|
$check = $this->app->DB->Select("SELECT id FROM userrights WHERE module='".$tmpmodule."' AND action='".$tmpaction."' AND user='".$id."' LIMIT 1");
|
|
|
|
if($check > 0)
|
|
$this->app->DB->Update("UPDATE userrights SET permission=1 WHERE module='".$tmpmodule."' AND action='".$tmpaction."' AND user='".$id."' LIMIT 1");
|
|
else {
|
|
$neuerechte++;
|
|
$this->app->DB->Insert("INSERT INTO userrights (id,module,action,user,permission) VALUES ('','".$tmpmodule."','".$tmpaction."','$id','1')");
|
|
}
|
|
$this->permissionLog($this->app->User->GetID(),$id,$tmpmodule,$tmpaction,1);
|
|
}
|
|
}
|
|
$msg = $this->app->erp->base64_url_encode("<div class=\"success\">Es wurden $neuerechte neue Rechte dem Benutzer hinzugefügt!</div>");
|
|
header("Location: index.php?module=benutzer&action=edit&id=$id&msg=$msg");
|
|
exit;
|
|
}
|
|
|
|
$this->app->erp->MenuEintrag("index.php?module=benutzer&action=edit&id=$id","Details");
|
|
$username = $this->app->DB->Select("SELECT username FROM `user` WHERE id='$id'");
|
|
// $this->app->Tpl->Add(KURZUEBERSCHRIFT2,$username);
|
|
|
|
$this->app->erp->MenuEintrag("index.php?module=benutzer&action=list","Zurück zur Übersicht");
|
|
|
|
$id = $this->app->Secure->GetGET('id');
|
|
$input = $this->GetInput();
|
|
|
|
if($input['hwtoken'] == 'totp'){
|
|
$input['hwtoken'] = '0';
|
|
}else if($input['hwtoken'] != ''){
|
|
/** @var \Xentral\Modules\TOTPLogin\TOTPLoginService $tokenManager */
|
|
$tokenManager = $this->app->Container->get('TOTPLoginService');
|
|
$tokenManager->disableTotp($id);
|
|
}
|
|
|
|
$submit = $this->app->Secure->GetPOST('submituser');
|
|
$benutzer = $this->app->DB->Select("SELECT description FROM `user` WHERE id='$id' LIMIT 1");
|
|
$name_angezeigt = $this->app->DB->Select("SELECT adresse FROM `user` WHERE id='$id' LIMIT 1");
|
|
$name = $this->app->DB->Select("SELECT name FROM adresse WHERE id='$name_angezeigt' LIMIT 1");
|
|
if($benutzer!="")$tmp = "(".$benutzer.")";
|
|
$this->app->Tpl->Add('KURZUEBERSCHRIFT2',$name." ".$tmp);
|
|
|
|
|
|
if(is_numeric($id) && $submit!='') {
|
|
$isUserLastAdmin = $this->isUserLastAdmin((int)$id);
|
|
$error = '';
|
|
if($input['username']=='') $error .= 'Geben Sie bitte einen Benutzernamen ein.<br>';
|
|
if($input['password'] != $input['repassword'] && $input['hwtoken']!=5) $error .= 'Die eingegebenen Passwörter stimmen nicht überein.<br>';
|
|
|
|
$input['adresse'] = $this->app->erp->ReplaceAdresse(1,$input['adresse'],1);
|
|
if($input['adresse'] <=0)
|
|
$error .= 'Geben Sie bitte eine gültige Adresse aus den Stammdaten an.<br>';
|
|
|
|
$input['projekt'] = $this->app->erp->ReplaceProjekt(1,$input['projekt'],1);
|
|
$isOwnAccount = $id == $this->app->User->GetId();
|
|
if($isOwnAccount && empty($input['activ'])) {
|
|
$error .= '{|Du kannst deinen eigenen Account nicht deaktivieren.|}<br>';
|
|
} elseif($isOwnAccount && $this->isUserAdmin((int)$id) && $input['type'] !== 'admin') {
|
|
$error .= '{|Du kannst deinen eigenen Account nicht in einem Benutzer umwandeln.|}<br>';
|
|
} elseif($isUserLastAdmin && empty($input['activ'])) {
|
|
$error .= '{|Der letzte Administrator kann nicht deaktiviert werden.|}<br>';
|
|
} elseif($isUserLastAdmin && $input['type'] !== 'admin') {
|
|
$error .= '{|Der letzte Administrator kann nicht in einem Benutzer umgewandelt werden.|}<br>';
|
|
}
|
|
if($error!='')
|
|
$this->app->Tpl->Set('MESSAGE', "<div class=\"error\">$error</div>");
|
|
else {
|
|
//$settings = base64_encode(serialize($input['settings']));
|
|
$firma = $this->app->User->GetFirma();
|
|
|
|
if($input['gpsstechuhr']!="1")
|
|
{
|
|
$check = $this->app->DB->Delete("DELETE FROM gpsstechuhr
|
|
WHERE `user`='".$id."'
|
|
AND DATE_FORMAT(zeit,'%Y-%m-%d')= DATE_FORMAT( NOW( ) , '%Y-%m-%d' ) LIMIT 1");
|
|
}
|
|
|
|
if(($input['hwtoken'] == 4) && $input['type'] == 'admin')
|
|
{
|
|
$anzaktivadmin = $this->app->DB->Select("SELECT count(*) from `user` where activ=1 and type = 'admin' and id <> '$id'");
|
|
if($anzaktivadmin < 1)
|
|
{
|
|
$error = 'Sie können den einzigen Administrator als Stechuhruer einbinden. Legen Sie dafür einen neuen User an';
|
|
$this->app->Tpl->Set('MESSAGE', "<div class=\"error\">$error</div>");
|
|
} else {
|
|
$input['type'] = 'standard';
|
|
$input['startseite'] = 'index.php?module=stechuhr&action=list';
|
|
}
|
|
|
|
}
|
|
if($error == "")
|
|
{
|
|
if($input['hwtoken'] == 4)
|
|
{
|
|
$stechuhrdevice = $this->app->DB->Select("SELECT stechuhrdevice from `user` where id = '$id'");
|
|
if(substr($input['username'], 0,6) !== substr($stechuhrdevice,0,6))
|
|
{
|
|
$this->app->DB->Update("UPDATE `user` set stechuhrdevice = '' where id = '$id'");
|
|
}
|
|
}
|
|
|
|
$spracheBevorzugen = $this->getCurrentDefaultLanguage($input['sprachebevorzugen']);
|
|
|
|
$this->app->DB->Update(
|
|
sprintf(
|
|
"UPDATE `user`
|
|
SET username='%s',
|
|
description='%s',
|
|
activ='%d',
|
|
type='%s',
|
|
adresse='%d',
|
|
vorlage='%s',
|
|
gpsstechuhr='%d',
|
|
rfidtag='%s',
|
|
kalender_aktiv='%d',
|
|
kalender_ausblenden='%d',
|
|
projekt='%d',
|
|
projekt_bevorzugen='%d',
|
|
sprachebevorzugen='%s',
|
|
email_bevorzugen='%d',
|
|
fehllogins='%d',
|
|
standarddrucker='%d',
|
|
standardetikett='%d',
|
|
standardversanddrucker='%d',
|
|
paketmarkendrucker='%d',
|
|
standardfax='%d',
|
|
defaultcolor='%s',
|
|
startseite='%s',
|
|
hwtoken='%d',
|
|
hwkey='%s',
|
|
hwcounter='%d',
|
|
hwdatablock='%s',
|
|
motppin='%s',
|
|
motpsecret='%s',
|
|
externlogin='%d',
|
|
firma='%d',
|
|
kalender_passwort='%s',
|
|
docscan_aktiv='%d',
|
|
docscan_passwort='%s',
|
|
`role` = '%s'
|
|
WHERE id=%d
|
|
LIMIT 1",
|
|
$input['username'],
|
|
$input['description'],
|
|
$input['activ'],
|
|
$input['type'],
|
|
$input['adresse'],
|
|
$input['vorlage'],
|
|
$input['gpsstechuhr'],
|
|
$input['rfidtag'],
|
|
$input['kalender_aktiv'],
|
|
$input['kalender_ausblenden'],
|
|
$input['projekt'],
|
|
$input['projekt_bevorzugen'],
|
|
$spracheBevorzugen,
|
|
$input['email_bevorzugen'],
|
|
$input['fehllogins'],
|
|
$input['standarddrucker'],
|
|
$input['standardetikett'],
|
|
$input['standardversanddrucker'],
|
|
$input['paketmarkendrucker'],
|
|
$input['standardfax'],
|
|
$input['defaultcolor'],
|
|
$input['startseite'],
|
|
$input['hwtoken'],
|
|
$input['hwkey'],
|
|
$input['hwcounter'],
|
|
$input['hwdatablock'],
|
|
$input['motppin'],
|
|
$input['motpsecret'],
|
|
$input['externlogin'],
|
|
$firma,
|
|
$input['kalender_passwort'],
|
|
$input['docscan_aktiv'],
|
|
$input['docscan_passwort'],
|
|
$input['role'],
|
|
$id
|
|
)
|
|
);
|
|
|
|
if($input['password']!='' && $input['password']!='***************') {
|
|
$this->app->DB->Select("SELECT passwordhash FROM `user` WHERE id = '$id' LIMIT 1");
|
|
if(!$this->app->DB->error()){
|
|
$options = array(
|
|
'cost' => 12,
|
|
);
|
|
$passwordhash = @password_hash($input['passwordunescaped'], PASSWORD_BCRYPT, $options);
|
|
if($passwordhash != '')
|
|
{
|
|
$this->app->DB->Update("UPDATE `user` SET passwordhash = '".$this->app->DB->real_escape_string($passwordhash)."',
|
|
password='',passwordmd5='', salt = '', passwordsha512 = ''
|
|
WHERE id = '".$id."' LIMIT 1");
|
|
}
|
|
}
|
|
else{
|
|
$salt = $this->app->DB->Select("SELECT salt FROM `user` WHERE id = '$id' LIMIT 1");
|
|
if(!$this->app->DB->error()){
|
|
if(empty($salt)) $salt = hash('sha512', microtime(true));
|
|
$passwordsha512 = hash('sha512', $_POST['password'] . $salt);
|
|
$this->app->DB->Update("UPDATE `user` SET password='',passwordmd5='', salt = '$salt', passwordsha512 = '$passwordsha512' WHERE id='$id' LIMIT 1");
|
|
if($salt == "" || $passwordsha512 == "") {
|
|
$this->app->DB->Update("UPDATE `user` SET `password` = '', `passwordmd5` = MD5('{$input['password']}') WHERE `id` = '$id' LIMIT 1");
|
|
} //TODO rausnehmen
|
|
}
|
|
else{
|
|
$this->app->DB->Update("UPDATE `user` SET `password` = '', `passwordmd5` = MD5('{$input['password']}') WHERE `id` = '$id' LIMIT 1");
|
|
}
|
|
}
|
|
}
|
|
|
|
$this->app->Tpl->Set('MESSAGE', "<div class=\"success\">Die Einstellungen wurden erfolgreich übernommen.</div>");
|
|
|
|
$this->app->erp->AbgleichBenutzerVorlagen($id);
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
|
|
$data = $this->app->DB->SelectArr("SELECT * FROM `user` WHERE id='$id' LIMIT 1");
|
|
if($data)
|
|
{
|
|
|
|
if($data[0]['stechuhrdevice'] != '')$this->app->Tpl->Set('BUTTONQRRESET', '<input type="button" value="Code zurücksetzen" onclick="qrruecksetzen();" />');
|
|
}
|
|
if(is_array($data[0])) {
|
|
$data[0]['password'] = '***************';
|
|
$data[0]['repassword'] = '***************';
|
|
// $data[0]['motpsecret'] = $this->app->DB->Select("SELECT DECRYPT('{$input[0]['motpsecret']}')");
|
|
// $data[0]['hwkey'] = $this->app->DB->Select("SELECT DECRYPT('{$input[0]['hwkey']}')");
|
|
//$data[0]['settings'] = unserialize(base64_decode($data[0]['settings']));
|
|
}
|
|
|
|
if($data[0]['type']=="admin"){
|
|
$this->app->Tpl->Set('HINWEISADMIN',"<div class=\"info\">Dieser Benutzer ist vom Typ Administrator. Administratoren haben immer Vollzugriff - daher können diesem keine Rechte genommen werden.</div>");
|
|
} else {
|
|
$this->app->Tpl->Add("HINWEISADMIN","<br><i>Hinweis: Blau = erlaubt, Grau = gesperrt, Sobald eine Vorlage eingetragen ist können Rechte der Vorlage dem Benutzer nicht mehr entzogen werden.</i>");
|
|
}
|
|
$this->SetInput($data[0]);
|
|
$this->UserRights();
|
|
|
|
|
|
$rfids = $this->app->DB->SelectArr("SELECT seriennummer,bezeichnung FROM adapterbox WHERE verwendenals = 'metratecrfid'");
|
|
if($rfids)
|
|
{
|
|
foreach($rfids as $v)
|
|
{
|
|
$this->app->Tpl->Add('SELRFID','<option value="'.$v['seriennummer'].'">'.$v['bezeichnung'].'</option>');
|
|
}
|
|
}
|
|
//
|
|
$this->app->YUI->ColorPicker('defaultcolor');
|
|
|
|
$extra = '
|
|
if($(\'#hwtoken\').val() == \'4\' || $(\'#hwtoken\').val() == \'5\')
|
|
{
|
|
message = \'\';
|
|
}
|
|
';
|
|
$this->app->YUI->PasswordCheck('password', 'repassword', 'username', 'submit', $extra);
|
|
$roles = $this->getRoleOptions();
|
|
$hasSelection = false;
|
|
foreach($roles as $roleKey => $roleValue) {
|
|
$selected = $roleKey === $data[0]['role']?' selected="selected"':'';
|
|
if($selected !== '') {
|
|
$hasSelection = true;
|
|
}
|
|
if(!$hasSelection && $roleKey === 'Sonstiges') {
|
|
$selected = ' selected="selected"';
|
|
}
|
|
$this->app->Tpl->Add(
|
|
'SELROLE',
|
|
sprintf(
|
|
'<option value="%s"%s>%s</option>',
|
|
$roleKey, $selected, $roleValue
|
|
)
|
|
);
|
|
}
|
|
$this->app->Tpl->Set('ROLETEXT', $data[0]['role']);
|
|
$this->app->Tpl->Set('ROLE', $data[0]['role']);
|
|
$this->app->Tpl->Parse('PAGE', "benutzer_create.tpl");
|
|
}
|
|
|
|
|
|
/**
|
|
* @return string[]
|
|
*/
|
|
public function getRoleOptions(): array
|
|
{
|
|
return [
|
|
'Buchhaltung' => 'Buchhaltung',
|
|
'Vertrieb' => 'Vertrieb',
|
|
'Einkauf / Produktion' => 'Einkauf / Produktion',
|
|
'Logistik' => 'Logistik',
|
|
'HR / Personalmanagement' => 'HR / Personalmanagement',
|
|
'Office' => 'Office',
|
|
'Marketing' => 'Marketing',
|
|
'Administration / IT' => 'Administration / IT',
|
|
'Management' => 'Management',
|
|
'Sonstiges' => 'Sonstiges',
|
|
];
|
|
}
|
|
|
|
/**
|
|
* @return array
|
|
*/
|
|
public function GetInput(): array
|
|
{
|
|
// username is an array with multiple (hidden) fields, so filter the first filled one.
|
|
$usernames = (array) $this->app->Secure->GetPOST('username');
|
|
$usernames = array_filter($usernames);
|
|
// make sure, at least one (empty) string is present in this array.
|
|
$usernames[] = '';
|
|
// reset all indexes.
|
|
$usernames = array_values($usernames);
|
|
$username = $usernames[0];
|
|
|
|
$input = array();
|
|
$input['description'] = $this->app->Secure->GetPOST('description');
|
|
$input['type'] = $this->app->Secure->GetPOST('type');
|
|
$input['username'] = $username;
|
|
$input['vorlage'] = $this->app->Secure->GetPOST('vorlage');
|
|
$input['adresse'] = $this->app->Secure->GetPOST('adresse');
|
|
$input['externlogin'] = $this->app->Secure->GetPOST('externlogin');
|
|
$input['activ'] = $this->app->Secure->GetPOST('activ');
|
|
$input['gpsstechuhr'] = $this->app->Secure->GetPOST('gpsstechuhr');
|
|
$input['rfidtag'] = $this->app->Secure->GetPOST('rfidtag');
|
|
$input['kalender_aktiv'] = $this->app->Secure->GetPOST('kalender_aktiv');
|
|
$input['kalender_ausblenden'] = $this->app->Secure->GetPOST('kalender_ausblenden');
|
|
$input['projekt'] = $this->app->Secure->GetPOST('projekt');
|
|
$input['projekt_bevorzugen'] = $this->app->Secure->GetPOST('projekt_bevorzugen');
|
|
$input['email_bevorzugen'] = $this->app->Secure->GetPOST('email_bevorzugen');
|
|
$input['startseite'] = $this->app->Secure->GetPOST('startseite');
|
|
$input['defaultcolor'] = $this->app->Secure->GetPOST('defaultcolor');
|
|
if($input['defaultcolor'] === 'transparent') $input['defaultcolor'] = '';
|
|
$input['fehllogins'] = $this->app->Secure->GetPOST('fehllogins');
|
|
$input['password'] = $this->app->Secure->GetPOST('password');
|
|
$input['repassword'] = $this->app->Secure->GetPOST('repassword');
|
|
$input['passwordunescaped'] = $this->app->Secure->GetPOST('password',"","","noescape");
|
|
$input['hwtoken'] = $this->app->Secure->GetPOST('hwtoken');
|
|
$input['motppin'] = $this->app->Secure->GetPOST('motppin');
|
|
$input['motpsecret'] = $this->app->Secure->GetPOST('motpsecret');
|
|
$input['hwkey'] = $this->app->Secure->GetPOST('hwkey');
|
|
$input['hwcounter'] = $this->app->Secure->GetPOST('hwcounter');
|
|
$input['hwdatablock'] = $this->app->Secure->GetPOST('hwdatablock');
|
|
$input['standarddrucker'] = $this->app->Secure->GetPOST('standarddrucker');
|
|
$input['standardversanddrucker'] = $this->app->Secure->GetPOST('standardversanddrucker');
|
|
$input['paketmarkendrucker'] = $this->app->Secure->GetPOST('paketmarkendrucker');
|
|
$input['standardetikett'] = $this->app->Secure->GetPOST('standardetikett');
|
|
$input['standardfax'] = $this->app->Secure->GetPOST('standardfax');
|
|
$input['sprachebevorzugen'] = $this->app->Secure->GetPOST('sprachebevorzugen');
|
|
$input['role'] = $this->app->Secure->GetPOST('role');
|
|
|
|
//$input['settings'] = $this->app->Secure->GetPOST('settings');
|
|
$input['kalender_passwort'] = $this->app->Secure->GetPOST('kalender_passwort');
|
|
$input['docscan_aktiv'] = $this->app->Secure->GetPOST('docscan_aktiv');
|
|
$input['docscan_passwort'] = $this->app->Secure->GetPOST('docscan_passwort');
|
|
return $input;
|
|
}
|
|
|
|
function SetInput($input)
|
|
{
|
|
$this->app->Tpl->Set('DESCRIPTION', $input['description']);
|
|
$this->app->Tpl->Set('TYPESELECT', $this->TypeSelect($input['type']));
|
|
$this->app->Tpl->Set('USERNAME', $input['username']);
|
|
$this->app->Tpl->Set('VORLAGE', $input['vorlage']);
|
|
$this->app->Tpl->Set('ADRESSE', $this->app->erp->ReplaceAdresse(0,$input['adresse'],0));
|
|
$this->app->Tpl->Set('PROJEKT', $this->app->erp->ReplaceProjekt(0,$input['projekt'],0));
|
|
$this->app->Tpl->Set('RFIDTAG', $input['rfidtag']);
|
|
|
|
$this->app->YUI->AutoComplete("adresse","adresse");
|
|
$this->app->YUI->AutoComplete("vorlage","uservorlage");
|
|
$this->app->YUI->AutoComplete("projekt","projektname",1);
|
|
|
|
if($input['externlogin']=='1') $this->app->Tpl->Set('EXTERNLOGINCHECKED', 'checked');
|
|
if($input['activ']=='1') $this->app->Tpl->Set('ACTIVCHECKED', 'checked');
|
|
if($input['gpsstechuhr']=='1') $this->app->Tpl->Set('GPSSTECHUHRCHECKED', 'checked');
|
|
if($input['kalender_aktiv']=='1') $this->app->Tpl->Set('KALENDERAKTIVCHECKED', 'checked');
|
|
if($input['kalender_ausblenden']=='1') $this->app->Tpl->Set('KALENDERAUSBLENDENCHECKED', 'checked');
|
|
if($input['projekt_bevorzugen']=='1') $this->app->Tpl->Set('PROJEKTBEVORZUGENCHECKED', 'checked');
|
|
if($input['email_bevorzugen']=='1') $this->app->Tpl->Set('EMAILBEVORZUGENCHECKED', 'checked');
|
|
if($input['docscan_aktiv']=='1') $this->app->Tpl->Set('DOCSCANAKTIVCHECKED', 'checked');
|
|
|
|
$this->app->Tpl->Set('STARTSEITE', $input['startseite']);
|
|
$this->app->Tpl->Set('DEFAULTCOLOR', $input['defaultcolor']);
|
|
$this->app->Tpl->Set('SPRACHEBEVORZUGEN',$this->languageSelectOptions($input['sprachebevorzugen']));
|
|
$this->app->Tpl->Set('FEHLLOGINS', $input['fehllogins']);
|
|
$this->app->Tpl->Set('PASSWORD', $input['password']);
|
|
$this->app->Tpl->Set('REPASSWORD', $input['repassword']);
|
|
$this->app->Tpl->Set('TOKENSELECT', $this->TokenSelect($input['hwtoken']));
|
|
$this->app->Tpl->Set('MOTPPIN', $input['motppin']);
|
|
$this->app->Tpl->Set('MOTPSECRET', $input['motpsecret']);
|
|
$this->app->Tpl->Set('HWKEY', $input['hwkey']);
|
|
$this->app->Tpl->Set('HWCOUNTER', $input['hwcounter']);
|
|
$this->app->Tpl->Set('HWDATABLOCK', $input['hwdatablock']);
|
|
$this->app->Tpl->Set('STANDARDDRUCKER', $this->app->erp->GetSelectDrucker($input['standarddrucker']));
|
|
$this->app->Tpl->Set('STANDARDVERSANDDRUCKER', $this->app->erp->GetSelectVersanddrucker($input['standardversanddrucker']));
|
|
$this->app->Tpl->Set('PAKETMARKENDRUCKER', $this->app->erp->GetSelectVersanddrucker($input['paketmarkendrucker']));
|
|
$this->app->Tpl->Set('STANDARDETIKETT', $this->app->erp->GetSelectEtikettenDrucker($input['standardetikett']));
|
|
$this->app->Tpl->Set('STANDARDFAX', $this->app->erp->GetSelectFax($input['standardfax']));
|
|
//$this->app->Tpl->Set('SETTINGS', $input['settings']);
|
|
$this->app->Tpl->Set('SERVERNAME', $this->app->erp->UrlOrigin($_SERVER));
|
|
$this->app->Tpl->Set('KALENDERPASSWORT', $input['kalender_passwort']);
|
|
$this->app->Tpl->Set('DOCSCANPASSWORT', $input['docscan_passwort']);
|
|
$this->app->Tpl->Set('ROLE', $input['role']);
|
|
$this->app->Tpl->Set('ROLETEXT', $input['role']);
|
|
}
|
|
|
|
function TypeSelect($select='admin')
|
|
{
|
|
$data = array('standard'=>'Benutzer','admin'=>'Administrator');
|
|
//, 'verwaltung'=>'Verwaltung', 'vollzugriff'=>'Vollzugriff', 'mitarbeiter'=>'Mitarbeiter', 'produktion'=>'Produktion');
|
|
|
|
$out = "";
|
|
foreach($data as $key=>$value) {
|
|
$selected = (($select==$key) ? 'selected' : '');
|
|
$out .= "<option value=\"$key\" $selected>$value</option>";
|
|
}
|
|
return $out;
|
|
}
|
|
|
|
private function getCurrentDefaultLanguage($fromPost){
|
|
|
|
if(empty($fromPost)){
|
|
$fromPost = $this->app->erp->Firmendaten('preferredLanguage');
|
|
|
|
if(empty($fromPost)){
|
|
$fromPost = 'deutsch';
|
|
}
|
|
}
|
|
return $fromPost;
|
|
}
|
|
|
|
/**
|
|
* Liefert einen String aus HTML-Optionen zurück
|
|
* @param string $fromPost
|
|
* @return string
|
|
*/
|
|
private function languageSelectOptions($fromPost=''){
|
|
|
|
$select = $this->getCurrentDefaultLanguage($fromPost);
|
|
|
|
$out = "";
|
|
$sprachen = $this->getLanguages();
|
|
|
|
foreach($sprachen as $sprache) {
|
|
$selected = (($select==$sprache) ? 'selected' : '');
|
|
$out .= "<option value=\"$sprache\" $selected>$sprache</option>";
|
|
}
|
|
return $out;
|
|
}
|
|
|
|
/**
|
|
* Liefert einen Array aus Strings zurück. Immer mindestens 'deutsch' enthalten
|
|
* @return array
|
|
*/
|
|
private function getLanguages(){
|
|
|
|
$sprachen[] = 'deutsch';
|
|
$folder = __DIR__ .'/../../languages';
|
|
if(is_dir($folder))
|
|
{
|
|
$handle = opendir($folder);
|
|
if($handle){
|
|
while($file = readdir($handle))
|
|
{
|
|
if($file[0] !== '.')
|
|
{
|
|
if(is_dir($folder.'/'.$file) && (file_exists($folder.'/'.$file.'/variablen.php')|| file_exists($folder.'/'.$file.'/variablen_custom.php')))
|
|
{
|
|
if($file == 'german')$file = 'deutsch';
|
|
if(!in_array($file, $sprachen))$sprachen[] = $file;
|
|
}
|
|
}
|
|
}
|
|
closedir($handle);
|
|
}
|
|
}
|
|
return $sprachen;
|
|
}
|
|
|
|
/**
|
|
* @param string $select
|
|
*
|
|
* @return string
|
|
*/
|
|
public function TokenSelect($select='0')
|
|
{
|
|
//$data = array('0'=>'Benutzername + Passwort', '1'=>'Benutzername + Passwort + mOTP', '2'=>'Benutzername + Passwort + Picosafe Login','3'=>'WaWision OTP + Passwort');
|
|
$data = array('0'=>'Benutzername + Passwort',
|
|
'3'=>'WaWision LoginKey + Benutzername + Passwort',
|
|
'5'=>'LDAP Verzeichnis'
|
|
);
|
|
|
|
/** @var \Xentral\Modules\TOTPLogin\TOTPLoginService $tokenManager */
|
|
$tokenManager = $this->app->Container->get('TOTPLoginService');
|
|
$user = $this->app->Secure->GetGET('id');
|
|
try {
|
|
if($user != null && $user != '' && $tokenManager->isTOTPEnabled($user)){
|
|
$data['totp'] = 'Benutzername + Passwort + TOTP 2FA';
|
|
$select = 'totp';
|
|
}
|
|
}
|
|
catch(QueryFailureException $e) {
|
|
$this->app->erp->InstallModul('totp');
|
|
}
|
|
|
|
if($this->app->erp->RechteVorhanden('stechuhrdevice','list') || $this->app->erp->RechteVorhanden('mitarbeiterzeiterfassung','list'))
|
|
{
|
|
$data['4'] = 'Mitarbeiterzeiterfassung QR-Code';
|
|
}
|
|
|
|
$out = "";
|
|
foreach($data as $key=>$value) {
|
|
$selected = (($select==$key) ? 'selected' : '');
|
|
$out .= "<option value=\"$key\" $selected>$value</option>";
|
|
}
|
|
return $out;
|
|
}
|
|
|
|
function UserRights()
|
|
{
|
|
$id = $this->app->Secure->GetGET('id');
|
|
$template = $this->app->Secure->GetPOST('usertemplate');
|
|
$copytemplate = $this->app->Secure->GetPOST('copyusertemplate');
|
|
$hwtoken = $this->app->DB->Select("SELECT hwtoken FROM `user` where id = '$id' LIMIT 1");
|
|
$modules = $this->ScanModules();
|
|
if($hwtoken == 4)
|
|
{
|
|
$modulecount = (!empty($modules)?count($modules):0);
|
|
$curModule = 0;
|
|
foreach($modules as $module=>$actions) {
|
|
$lower_m = strtolower($module);
|
|
$curModule++;
|
|
$actioncount = (!empty($actions)?count($actions):0);
|
|
for($i=0;$i<$actioncount;$i++) {
|
|
$delimiter = (($curModule<$modulecount || $i+1<$actioncount) ? ', ' : ';');
|
|
$active = 0;
|
|
if($lower_m == 'stechuhr' && ($actions[$i] == 'list' || $actions[$i] == 'change'))$active = 1;
|
|
if($active==1){
|
|
$this->app->DB->Insert("INSERT INTO userrights (`user`, module, action, permission) VALUES ('$id', '$lower_m', '{$actions[$i]}', '$active')");
|
|
$this->permissionLog($this->app->User->GetID(),$id,$module,$actions[$i],$active);
|
|
}
|
|
}
|
|
}
|
|
}else {
|
|
|
|
if($template!='') {
|
|
$mytemplate = $this->app->Conf->WFconf['permissions'][$template];
|
|
$permissions = $this->app->DB->SelectArr("SELECT module,action FROM userrights WHERE user=$id");
|
|
$this->app->DB->Delete("DELETE FROM userrights WHERE `user`='$id'");
|
|
foreach ($permissions as $permission){
|
|
$this->permissionLog($this->app->User->GetID(),$id,$permission['module'],$permission['action'],0);
|
|
}
|
|
//$sql = 'INSERT INTO userrights (user, module, action, permission) VALUES ';
|
|
|
|
$modulecount = (!empty($modules)?count($modules):0);
|
|
$curModule = 0;
|
|
foreach($modules as $module=>$actions) {
|
|
$lower_m = strtolower($module);
|
|
$curModule++;
|
|
$actioncount = (!empty($actions)?count($actions):0);
|
|
for($i=0;$i<$actioncount;$i++) {
|
|
$delimiter = (($curModule<$modulecount || $i+1<$actioncount) ? ', ' : ';');
|
|
$active = ((isset($mytemplate[$lower_m]) && in_array($actions[$i], $mytemplate[$lower_m])) ? '1' : '0');
|
|
if($active==1){
|
|
$this->app->DB->Insert("INSERT INTO userrights (`user`, module, action, permission) VALUES ('$id', '$lower_m', '{$actions[$i]}', '$active')");
|
|
$this->permissionLog($this->app->User->GetID(),$id,$module,$actions[$i],$active);
|
|
}
|
|
}
|
|
}
|
|
//$this->app->DB->Query($sql);
|
|
}
|
|
|
|
if($copytemplate!='') {
|
|
$ok = true;
|
|
// echo "User $id $copytemplate";
|
|
if($ok)
|
|
{
|
|
$permissions = $this->app->DB->SelectArr("SELECT module,action FROM userrights WHERE user=$id");
|
|
foreach ($permissions as $permission){
|
|
$this->permissionLog($this->app->User->GetID(),$id,$permission['module'],$permission['action'],0);
|
|
}
|
|
$this->app->DB->Delete("DELETE FROM userrights WHERE `user`='$id'");
|
|
$permissions = $this->app->DB->SelectArr("SELECT module,action FROM userrights WHERE user=$copytemplate");
|
|
$this->app->DB->Update("INSERT INTO userrights (`user`, module,action,permission) (SELECT '$id',module, action,permission FROM userrights WHERE user='".$copytemplate."')");
|
|
foreach ($permissions as $permission){
|
|
$this->permissionLog($this->app->User->GetID(),$id,$permission['module'],$permission['action'],1);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
$dbrights = $this->app->DB->SelectArr("SELECT module, action, permission FROM userrights WHERE `user`='$id' ORDER BY module");
|
|
$group = $this->app->DB->Select("SELECT `type` FROM `user` WHERE id='$id' LIMIT 1");
|
|
|
|
$rights = $this->app->Conf->WFconf['permissions'][$group];
|
|
if(is_array($dbrights) && (!empty($dbrights)?count($dbrights):0)>0)
|
|
$rights = $this->AdaptRights($dbrights, $rights, $group);
|
|
|
|
$modules = $this->ScanModules();
|
|
$table = $this->CreateTable($id, $modules, $rights);
|
|
|
|
|
|
//$this->app->Tpl->Set('USERTEMPLATES', $this->TemplateSelect());
|
|
$this->app->Tpl->Set('USERNAMESELECT', $this->app->erp->GetSelectUser("",$id));
|
|
$this->app->Tpl->Set('MODULES', $table);
|
|
}
|
|
|
|
function UserChangeRights()
|
|
{
|
|
$user = $this->app->Secure->GetGET('b_user');
|
|
$module = $this->app->Secure->GetGET('b_module');
|
|
$action = $this->app->Secure->GetGET('b_action');
|
|
$value = $this->app->Secure->GetGET('b_value');
|
|
|
|
if(is_numeric($user) && $module!='' && $action!='' && $value!='') {
|
|
$id = $this->app->DB->Select("SELECT id FROM userrights WHERE user='$user' AND module='$module' AND action='$action' LIMIT 1");
|
|
if(is_numeric($id) && $id>0)
|
|
{
|
|
if($value=="1")
|
|
{
|
|
$this->app->DB->Update("UPDATE userrights SET permission='$value' WHERE id='$id' LIMIT 1");
|
|
}
|
|
else
|
|
{
|
|
|
|
|
|
$sql = "
|
|
SELECT
|
|
permission
|
|
FROM
|
|
`uservorlagerights`
|
|
INNER JOIN `uservorlage` INNER JOIN `user` ON `uservorlagerights`.`vorlage` = `uservorlage`.`id` AND `user`.`vorlage` = `uservorlage`.`bezeichnung`
|
|
WHERE
|
|
`user`.`id` = '$user' AND `uservorlagerights`.`module` = '$module' AND `uservorlagerights`.`action` = '$action' LIMIT 1";
|
|
|
|
$uservorlageright = $this->app->DB->Select($sql);
|
|
|
|
$fromtemplate = false;
|
|
if (!empty($uservorlageright)) {
|
|
if ($uservorlageright[0] == '1') {
|
|
$fromtemplate = true;
|
|
}
|
|
}
|
|
|
|
if (!$fromtemplate) {
|
|
$this->app->DB->Delete("DELETE FROM userrights WHERE user='$user' AND module='$module' AND action='$action'");
|
|
}
|
|
}
|
|
}
|
|
else {
|
|
$this->app->DB->Insert("INSERT INTO userrights (user, module, action, permission) VALUES ('$user', '$module', '$action', '$value')");
|
|
}
|
|
$this->permissionLog($this->app->User->GetID(),$user,$module,$action,$value);
|
|
}
|
|
|
|
echo $this->app->DB->Select("SELECT permission FROM userrights WHERE user='$user' AND module='$module' AND action='$action' LIMIT 1");
|
|
|
|
exit;
|
|
}
|
|
|
|
public function permissionLog($grantingUserId,$receivingUserId,$module,$action,$permission){
|
|
$grantingUserName = $this->app->DB->Select("SELECT username FROM user WHERE id=$grantingUserId");
|
|
$receivingUserName = $this->app->DB->Select("SELECT username FROM user WHERE id=$receivingUserId");
|
|
$permission = !empty($permission);
|
|
try {
|
|
$userPermission = $this->app->Container->get('UserPermissionService');
|
|
$userPermission->log($grantingUserId,$grantingUserName,$receivingUserId,$receivingUserName,$module,$action,$permission);
|
|
}catch (Exception $ex){
|
|
$this->app->erp->LogFile('Fehler bei Zuweisung Rechtehistore',$ex->getMessage());
|
|
}
|
|
}
|
|
|
|
|
|
function AdaptRights($dbarr, $rights)
|
|
{
|
|
$cnt = (!empty($dbarr)?count($dbarr):0);
|
|
for($i=0;$i<$cnt;$i++) {
|
|
$module = $dbarr[$i]['module'];
|
|
$action = $dbarr[$i]['action'];
|
|
$perm = $dbarr[$i]['permission'];
|
|
|
|
if(isset($rights[$module])) {
|
|
if($perm=='1' && !in_array($action, $rights[$module]))
|
|
$rights[$module][] = $action;
|
|
|
|
if($perm=='0' && in_array($action, $rights[$module])) {
|
|
$index = array_search($action, $rights[$module]);
|
|
unset($rights[$module][$index]);
|
|
$rights[$module] = array_values($rights[$module]);
|
|
}
|
|
}else if($perm=='1') $rights[$module][] = $action;
|
|
}
|
|
return $rights;
|
|
}
|
|
|
|
function CreateTable($user, $modules, $rights)
|
|
{
|
|
$maxcols = 6;
|
|
$width = 100 / $maxcols;
|
|
$out = '';
|
|
foreach($modules as $key=>$value) {
|
|
if(strtolower($key) == 'api' || strtolower($key) == 'ajax')continue;
|
|
$out .= "<tr><td class=\"name\">$key</td></tr>";
|
|
|
|
$out .= "<tr><td><table class=\"action\">";
|
|
$module = strtolower($key);
|
|
for($i=0;$i<$maxcols || $i<(!empty($value)?count($value):0);$i++) {
|
|
if($i%$maxcols==0) $out .= "<tr>";
|
|
|
|
if (gettype($rights[$module]) == 'array') {
|
|
|
|
if(isset($value[$i]) && in_array($value[$i], $rights[$module])) {
|
|
$class = 'class="blue"';
|
|
$active = '1';
|
|
}else{
|
|
$class = 'class="grey"';
|
|
$active = 0;
|
|
}
|
|
} else {
|
|
$class = 'class="grey"';
|
|
$active = 0;
|
|
}
|
|
|
|
$class = ((isset($value[$i])) ? $class : '');
|
|
|
|
$action = ((isset($value[$i])) ? strtolower($value[$i]) : '');
|
|
$onclick = ((isset($value[$i])) ? "onclick=\"ChangeRights(this, '$user','$module','$action')\"" : '');
|
|
$out .= "<td width=\"$width%\" $class value=\"$active\" $onclick>{$action}</td>";
|
|
|
|
if($i%$maxcols==($maxcols-1)) $out .= "</tr>";
|
|
}
|
|
$out .= "</table></td></tr>";
|
|
}
|
|
|
|
return $out;
|
|
}
|
|
|
|
/**
|
|
* @param string $page
|
|
* @param array $actions
|
|
*
|
|
* @return array
|
|
*/
|
|
public function getActionsFromFile($page, $actions = [])
|
|
{
|
|
if(substr($page,-8) === '.src.php') {
|
|
return $actions;
|
|
}
|
|
$content = file_get_contents($page);
|
|
$foundItems = preg_match_all('/ActionHandler\([\"|\\\'][[:alnum:]].*[\"|\\\'],/', $content, $matches);
|
|
if($foundItems <= 0) {
|
|
return $actions;
|
|
}
|
|
$action = str_replace(array('ActionHandler("','ActionHandler(\'','",' , '\',' ),'', $matches[0]);
|
|
if(empty($action) || !is_array($action)) {
|
|
return $actions;
|
|
}
|
|
if(isset($actions)) {
|
|
$actionsCount = $action ? count($action) : 0;
|
|
for ($i = 0; $i < $actionsCount; $i++) {
|
|
if(empty($action[$i])) {
|
|
continue;
|
|
}
|
|
$found = false;
|
|
foreach ($actions as $v) {
|
|
if($v == $action[$i]){
|
|
$found = true;
|
|
break;
|
|
}
|
|
}
|
|
if(!$found){
|
|
$actions[] = $action[$i];
|
|
}
|
|
}
|
|
}
|
|
else{
|
|
$actionsCount = $action ? count($action) : 0;
|
|
for ($i = 0; $i < $actionsCount; $i++) {
|
|
$actions[] = $action[$i];
|
|
}
|
|
}
|
|
sort($actions);
|
|
|
|
return $actions;
|
|
}
|
|
|
|
/**
|
|
* @return array
|
|
*/
|
|
public function ScanModules()
|
|
{
|
|
//$files = glob('./pages/*.php');
|
|
$files = glob(__DIR__.'/*.php');
|
|
$encodedActions = [];
|
|
if(method_exists($this->app->erp,'getEncModullist')) {
|
|
$encodedActions = $this->app->erp->getEncModullist();
|
|
}
|
|
if(empty($encodedActions)) {
|
|
$encodedActions = [];
|
|
}
|
|
$modules = array();
|
|
if(empty($files)) {
|
|
return $encodedActions;
|
|
}
|
|
foreach($files as $page) {
|
|
$name = ucfirst(str_replace('_custom','',basename($page,'.php')));
|
|
if(substr($page,-8) === '.src.php') {
|
|
continue;
|
|
}
|
|
|
|
$modules[$name] = $this->getActionsFromFile($page, isset($modules[$name]) ? $modules[$name]: []);
|
|
|
|
if(!empty($encodedActions[$name]) && is_array($encodedActions[$name]) && count($encodedActions[$name]) > 0) {
|
|
if(isset($modules[$name])) {
|
|
$encodedActionsCount = $encodedActions[$name]?count($encodedActions[$name]):0;
|
|
for($i=0;$i<$encodedActionsCount;$i++) {
|
|
$found = false;
|
|
foreach($modules[$name] as $moduleAction) {
|
|
if($moduleAction == $encodedActions[$name][$i]) {
|
|
$found = true;
|
|
break;
|
|
}
|
|
}
|
|
if(!$found) {
|
|
$modules[$name][] = $encodedActions[$name][$i];
|
|
}
|
|
}
|
|
}
|
|
else{
|
|
$modules[$name] = $encodedActions[$name];
|
|
}
|
|
sort($modules[$name]);
|
|
}
|
|
}
|
|
|
|
foreach($modules as $name => $actions) {
|
|
if(empty($actions)) {
|
|
unset($modules[$name]);
|
|
}
|
|
}
|
|
|
|
return $modules;
|
|
}
|
|
|
|
function TemplateSelect()
|
|
{
|
|
$options = "<option value=\"\">-- Bitte auswählen --</option>";
|
|
foreach($this->Templates as $key=>$value) {
|
|
if($key!="web")
|
|
$options .= "<option value=\"$key\">".ucfirst($key)."</option>";
|
|
}
|
|
|
|
return $options;
|
|
}
|
|
|
|
function GetTemplates()
|
|
{
|
|
return $this->app->Conf->WFconf['permissions'];
|
|
}
|
|
}
|